LastPass, the global pioneer in zero-knowledge password management announced that customers can access their vault, and all sites stored in it, with a simple and secure passwordless login using the LastPass Authenticator.
As the first password manager with this offering, LastPass is in a unique position to bring both individuals and businesses instant access to the applications and credentials they need in a seamless, simple and secure way.
FIDO-supported passwordless future
LastPass is deeply committed to a standards-based FIDO-supported passwordless future and has held a seat on FIDO’s Board of Directors since September 2020 to help drive the standardised and open approach to passwordless.
LastPass has dedicated more than 18 months to identifying the best path forward to ensure customers have a seamless and secure passwordless experience.
Passwordless login
While implementation and adoption of passwordless is the industry’s ultimate goal, it will likely take years"
“On the heels of tech giants and identity providers unveiling their plans to enable passwordless across their operating systems, web browsers, devices, and applications, LastPass is excited to be the first solution and only password manager to allow users to securely and effortlessly login, manage their account credentials and get instant access to the accounts used every day without ever having to enter a password,” said Chris Hoff, Chief Secure Technology Officer at LastPass.
“While broad implementation and adoption of passwordless is the industry’s ultimate goal, it will likely take years before people experience an end-to-end passwordless login across all applications, but LastPass helps get you there sooner.”
Primary authentication method
The company is actively building FIDO2-compliant components and supporting authentication mechanisms, such as biometric face and fingerprint ID, and the addition of hardware security keys which are expected to be added to the passwordless offering later in 2022.
LastPass’ current and future passwordless login options replace the need for the master password as the primary method of authenticating a user upon logging in to a LastPass vault, thereby giving simple passwordless access to the dozens or hundreds of sites stored within.
Credential control
As passwordless technology is developed and adopted across the industry, LastPass is committed to providing customers with a simple, passwordless future with the end goal of completely removing the need for a master password, while continuing to maintain the privacy and security the company is known for, ensuring customers stay in total control of their credentials and all information saved in their vaults.
“Authentication is a critical component of any zero-trust architecture and bringing that to users at scale is how businesses can enable greater security and enhanced user experience," said Andrew Shikiar, executive director and CMO of the FIDO Alliance.
Higher security solution
The key to success with passwordless is delivering on the promise to reduce user friction while enhancing security
"We applaud LastPass for continuing to evolve their offerings to bring a passwordless login experience to users around the world, helping to break the dependence on passwords and usher in a safer way to interact online."
As an industry pioneer in cybersecurity, LastPass envisions a future without passwords because weak or reused passwords create higher security risks for individuals and businesses. The key to success with passwordless, as with all security tools, is delivering on the promise to reduce user friction while simultaneously enhancing security.
Additional highlights
- Fill gaps left by other identity providers: Just like SSO and MFA do not secure all passwords in use across the workforce, neither does the passwordless functionality that was announced in May 2022. With LastPass, users can offer immediate and consistent passwordless access to all credential-based logins used by employees.
- Increased productivity: When passwords are removed from the login equation, users no longer waste time having to reset and input their passwords, and IT teams no longer spend hours helping employees regain access and resolve mundane issues.
- Simplicity, unlocked: By using the LastPass Authenticator, users can access and manage important account credentials in their LastPass vault without ever having to enter a password. This grants users instant and seamless access while maintaining security and greatly reducing password-related friction.
- Less friction means higher adoption: A reduction in password-related friction means increased access to the LastPass vault, driving adoption across the organisation for business accounts. This higher rate of adoption improves overall employee password hygiene and helps significantly reduce the organisation’s cyber risk as a result.
- Stronger security standards: Users can set an even stronger master password since they won’t need to use it as often. Reducing the frequency of entering the master password helps protect the account from bad actors.